|
|
| |
GFI MailSecurity is "a Content filtering, anti-virus and Email Intrusion prevention product from GFI".
Buffer Overflow vulnerability discovered in web module of GFI MailSecurity product. |
| |
Credit:
The information has been provided by Gary O'leary-Steele.
|
| |
Vulnerable Systems:
* GFI MailSecurity version 8.1
Immune Systems:
* GFI MailSecurity version 8.x patched with MSEC8_PATCH_20050919_01.zip
An exploitable Buffer Overflow within the HTTP management interface has been identified. By sending large strings within several areas of the HTTP request (such as a large 'Host' or 'Accept' header) critical portions of memory are overwritten.
Verification of this vulnerability can be achieved through the use of a HTTP fuzzer, such as @stake webproxy. Successful exploitation could allow an attacker to gain administrative control of the targeted host.
Vendor Response:
Vendor released patch and public notice.
http://kbase.gfi.com/showarticle.asp?id=KBID002451
ftp://ftp.gfi.com/patches/MSEC8_PATCH_20050919_01.zip
|
|
|
